Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NfHzsLm7w22m-JONTY6Ti3NAoo8.roa
File: NfHzsLm7w22m-JONTY6Ti3NAoo8.roa (raw, json)
Hash identifier: i/3V5fORcVgOkv5Sec8RY5XBvcZ/hxaU08RmN/Bw5l8=
Subject key identifier: 35:F1:F3:B0:B9:BB:C3:6D:A6:F8:93:8D:4D:8E:93:8B:73:40:A2:8F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018DD2AE82066ABEE3245038DF2F81BFB77D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NfHzsLm7w22m-JONTY6Ti3NAoo8.roa
Signing time: Thu 22 Feb 2024 21:17:48 +0000
ROA not before: Thu 22 Feb 2024 21:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.191.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.142.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.78.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 07:43:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d2:ae:82:06:6a:be:e3:24:50:38:df:2f:81:bf:b7:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 22 21:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35f1f3b0b9bbc36da6f8938d4d8e938b7340a28f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:97:6a:33:bd:e0:ff:a6:9d:6f:36:39:ec:c6:
8a:11:2e:69:4b:85:f3:cf:60:1a:94:cd:5f:ed:32:
66:2d:b6:68:18:ba:9c:f7:d0:a8:12:a3:ad:9b:a7:
2f:ae:12:e4:31:7d:92:7a:4f:41:1b:a5:ca:68:09:
48:16:28:6a:b1:81:eb:3d:88:2a:fe:41:b9:a6:7b:
e5:8f:57:d7:de:c5:6e:74:71:19:09:dc:e0:f6:ba:
0b:56:7d:5d:77:24:24:82:9f:ea:8d:26:41:f4:a9:
73:8d:9d:00:3e:7b:7e:66:f9:92:ef:b2:7c:69:aa:
33:61:49:83:fe:a8:71:97:0f:09:b1:15:69:f3:7a:
26:63:55:7c:a5:b4:6a:f1:1a:e6:46:66:33:f9:91:
3a:09:51:8c:56:b9:ed:7d:bc:97:ef:f1:8b:7b:76:
87:90:bc:4e:fc:c4:0e:ef:cc:11:10:94:11:45:96:
54:7d:f9:bc:15:23:6a:2c:f5:52:a2:48:c0:64:d7:
eb:75:52:06:4f:29:5b:f1:54:f8:d6:10:ed:62:a3:
ce:15:cd:81:d2:f5:30:0a:66:0a:c2:35:5c:cf:7e:
3e:35:b5:40:41:d4:0f:79:bc:0f:01:55:ce:c5:11:
ea:94:df:e7:ec:8f:35:c4:f2:5d:43:89:20:63:f8:
9b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F1:F3:B0:B9:BB:C3:6D:A6:F8:93:8D:4D:8E:93:8B:73:40:A2:8F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NfHzsLm7w22m-JONTY6Ti3NAoo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.191.0/24
193.124.5.0/24
193.124.7.0/24
193.124.203.0/24
194.87.22.0/24
194.87.32.0/24
194.87.142.0/24
194.87.169.0/24
194.87.201.0/24
195.133.6.0/24
195.133.25.0/24
195.133.72.0/24
195.133.78.0/24
195.133.85.0/24
195.133.192.0/24
212.192.1.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:53:8c:40:f9:76:91:f1:4d:eb:f4:ca:3c:fb:eb:d9:36:e5:
d0:5b:23:2d:54:33:b9:c7:a8:70:3b:92:0d:b3:6c:13:e3:b5:
ed:cb:50:32:cd:2c:83:24:79:05:0b:05:78:24:83:79:ce:56:
b3:35:40:9d:cc:a9:85:cf:c1:4a:f9:1d:e0:e3:7a:d5:e7:3f:
7e:ca:13:8d:11:63:59:65:a3:36:9b:ae:a2:30:2f:41:63:17:
e7:00:02:f9:a6:3e:76:34:92:f8:71:d8:83:0b:a1:5d:4e:9f:
97:c0:3f:0e:b6:57:fb:d0:e3:3a:fb:0d:c0:19:1e:2a:37:b4:
2a:5d:06:80:36:bd:62:ca:cc:fe:80:e8:e4:88:38:73:13:f0:
d0:8a:5c:f1:00:ee:c3:db:66:3c:35:12:2c:86:f3:ea:81:c0:
df:ca:4b:59:14:04:b9:ba:d4:11:43:c5:21:57:29:3c:1e:05:
5d:b3:9d:80:0a:9d:a3:3f:73:8e:14:30:a2:4a:d3:b7:54:81:
88:ce:f9:5a:10:c1:74:22:98:1c:2a:73:87:65:59:85:52:c6:
ed:38:4f:dd:cd:e0:4a:4c:ed:e7:28:ab:1f:39:41:07:d4:e7:
e6:06:06:83:d8:6f:0e:00:41:6d:2d:cc:bf:3e:1e:6c:24:f0:
49:55:fb:b4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY3SroIGar7jJFA43y+Bv7d9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjIyMjExNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWYxZjNiMGI5YmJjMzZkYTZmODkzOGQ0ZDhlOTM4YjczNDBhMjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpdqM73g/6adbzY57MaKES5pS4Xz
z2AalM1f7TJmLbZoGLqc99CoEqOtm6cvrhLkMX2Sek9BG6XKaAlIFihqsYHrPYgq
/kG5pnvlj1fX3sVudHEZCdzg9roLVn1ddyQkgp/qjSZB9KlzjZ0APnt+ZvmS77J8
aaozYUmD/qhxlw8JsRVp83omY1V8pbRq8RrmRmYz+ZE6CVGMVrntfbyX7/GLe3aH
kLxO/MQO78wREJQRRZZUffm8FSNqLPVSokjAZNfrdVIGTylb8VT41hDtYqPOFc2B
0vUwCmYKwjVcz34+NbVAQdQPebwPAVXOxRHqlN/n7I81xPJdQ4kgY/ibnwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFDXx87C5u8NtpviTjU2Ok4tzQKKPMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTmZIenNMbTd3MjJtLUpPTlRZNlRpM05Bb284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAwHy/AwQA
wXwFAwQAwXwHAwQAwXzLAwQAwlcWAwQAwlcgAwQAwleOAwQAwlepAwQAwlfJAwQA
w4UGAwQAw4UZAwQAw4VIAwQAw4VOAwQAw4VVAwQAw4XAAwQA1MABAwQA1MEOMA0G
CSqGSIb3DQEBCwUAA4IBAQB8U4xA+XaR8U3r9Mo8++vZNuXQWyMtVDO5x6hwO5IN
s2wT47Xty1AyzSyDJHkFCwV4JIN5zlazNUCdzKmFz8FK+R3g43rV5z9+yhONEWNZ
ZaM2m66iMC9BYxfnAAL5pj52NJL4cdiDC6FdTp+XwD8Otlf70OM6+w3AGR4qN7Qq
XQaANr1iysz+gOjkiDhzE/DQilzxAO7D22Y8NRIshvPqgcDfyktZFAS5utQRQ8Uh
Vyk8HgVds52ACp2jP3OOFDCiStO3VIGIzvlaEMF0IpgcKnOHZVmFUsbtOE/dzeBK
TO3nKKsfOUEH1OfmBgaD2G8OAEFtLcy/Ph5sJPBJVfu0
-----END CERTIFICATE-----
Generated at Fri Feb 23 10:44:38 2024 by rpki-client on console-ams.rpki-client.org